<?php
if(!defined('INDEX')){
	exit('Access Denied');
}
function act_m_mima(){
	global $duoduo;
	$webset = $duoduo->webset;
	$dduser = $duoduo->dduser;
	$step=intval($_GET['step'])?intval($_GET['step']):1;
	$email=trim($_POST['email']);
	if($step==2){
		$email_pass = reg_email($email);
		if ($email_pass == 0) {
			jump(-1,'邮箱格式错误'); //邮箱格式错误
		}
		$user=$duoduo->select('user','ddusername,ddpassword','email="'.$email.'"');
		if ($user['ddusername']=='') {
			jump(-1,'邮箱不存在'); //邮箱不存在
		}
		$x = md5($user['ddusername'].'+'.$user['ddpassword']);
		$string = urlencode(base64_encode($user['ddusername']."*".$x.'*'.TIME));
		$html="请点击链接进入".WEBNAME."进行密码重置。有效时间10分钟。<a href=\"http://".URL."/index.php?mod=wap&act=mima&step=3&str=".$string."\">http://".URL."/index.php?mod=wap&act=mima&do=step3&str=".$string."</a>";
		$title=WEBNAME."取回密码邮件";
		$mymsg=mail_send($email, $title, $html);
		$email_web='http://mail.'.preg_replace('/(.*)@/','',$email);
		if($mymsg==1){
			$mymsg='<span style="line-height:35px">找回密码的链接已发送成功<br/>请到您的邮箱（<a style="color:red; text-decoration:underline" href="'.$email_web.'"><b>'.$email.'</b></a>）查看<br/>进入邮箱点击连接及时更改您的密码！</span>';
		}
		else{
			$mymsg='邮件发送失败？<br><br>请联系网站管理员！';
		}
	}
	elseif($step==3){
		$str=trim($_GET['str']); 
		if($str==''){
			jump(-1,'缺少必要参数'); 
		}
		
		$mingma_str=base64_decode($str);
		$array_result = explode('*',$mingma_str);
		
		StopAttack($array_result);
		if(TIME-$array_result[2]>600){
			jump(-1,'访问超时'); 
		}
		
		$user=$duoduo->select('user','ddusername,ddpassword','ddusername="'.$array_result[0].'"');
		if($user['ddusername']==''){
			jump(-1,'账号密码错误'); 
		}
		$x = md5($user['ddusername'].'+'.$user['ddpassword']);
		if($x!=$array_result[1]){
			jump(-1,'参数验证失败'); 
		}
	}
	elseif($step==4){
		$name=trim($_POST['ddusername']); 
		$pwd=trim($_POST['password']); 
		$x=trim($_POST['x']); 
		$md5pwd=md5($pwd);
	
		if($name==""||$pwd==""){
			jump(-1,'缺少必要参数'); 
		}
		
		$user=$duoduo->select('user','ddusername,ddpassword','ddusername="'.$name.'"');
		if($x != md5($user['ddusername'].'+'.$user['ddpassword'])){
			jump(-1,'参数验证失败'); 
		}
		
		if($webset['ucenter']['open']==1){
			include DDROOT.'/comm/uc_define.php';
			include_once DDROOT.'/uc_client/client.php';
			$uc_name = iconv("utf-8", "utf-8", $name);
			$ucresult = uc_user_edit($uc_name,'',$pwd,'',1);
			if($ucresult<0){
				jump(-1,'修改密码失败'); 
			}
		}
		
		$duoduo->update('user', array('ddpassword'=>$md5pwd), "ddusername='".$name."'");
		$mymsg="密码重置成功！<br><br>现在您可以用您新设置的密码登录了。<br><br><br><br><a href=".p('m','login')."  class=redlink>用户登录</a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href=".p('index')." class=redlink>返回首页</a>";
	}
	unset($duoduo);
	$parameter['step']=$step;
	$parameter['mymsg']=$mymsg;
	$parameter['x']=$x;
	$parameter['array_result']=$array_result;
	return $parameter;
}
?>
<?php
$parameter=act_m_mima();
extract($parameter);
if(!defined('INDEX')){
	exit('Access Denied');
}
$webtitle=$webset['title'].'找回密码';
include(TPLPATH."/inc/header_2.tpl.php");
?>
<script type="text/javascript" src="js/jquery.validate.js"></script>
<div class="yingdao" align="center">
  <p><b>找回密码</b><a href="javascript:;" onclick="history.back()" title="返回" class="left"></a> <a href='<?=wap_l('user','index')?>' title="会员中心" class="right"></a> </p></div>  
  
 <div class="wap-index">
 <div class="p15">
 <div class="register">
  <table style="width:100%; margin:auto" border="0" cellpadding="0" cellspacing="0">
  <?php if($step==1){?>
  <form id="form1" name="form1" method="post" action="<?=wap_l('user','mima',array('step'=>2))?>">
  <tr height="40">
		  <td>请填写您注册时的邮箱</td>
		</tr>
		 <tr height="40">
		  <td><input type="text" id="email" name="email" maxlength="50" placeholder="请输入注册时的邮箱号码" class="ddinput"/></td>
		</tr>
		<tr height="40">
		  <td height="80" colspan="2"> <input name="sub" type="submit" value="找回密码"  class="register_dl"></td>
		  <td></td>
		</tr>
  </form>
  <?php }elseif($step==2 || $step==4){?>
  <tr>
    <td height="50" colspan="3" align="center" style="font-size:14px"><?=$mymsg?></td>
  </tr>
  <?php }elseif($step==3){?>
  <tr>
    <td align="center" colspan="3">
    <form id="form2" name="form2" method="post" action="<?=wap_l('user','mima',array('step'=>4))?>">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">

		   <tr height="40">
        <td><input name="password" type="password" id="password" placeholder="请输入新的密码" maxlength="20"class="ddinput"/>
       </td>
      </tr>
      <tr>
        <td height="35" align="left"> <input name="password_confirm" type="password"  placeholder="再次输入新的密码" id="password_confirm" maxlength="20" class="ddinput"/>
        </td>
      </tr>
     <tr height="40">
        <td height="80" colspan="2"><input type="hidden" name="x" value="<?=$x?>" /> 
		<input type="hidden" name="ddusername" value="<?=$array_result[0]?>" />
        <input type="submit" name="Submit" value="重置密码" class="register_dl" /></td>
      </tr>
    </table>
    </form>
    </td>
  </tr>
  <?php }?>
</table>
</div></div></div>
<script>
$(function(){
    $('#form1').validate({
        errorPlacement: function(error, element){
            var error_td = element.parent('td').parent('tr').next('tr').find('#tip');
            error_td.find('.field_notice').hide();
            error_td.append(error);
        },
        success : function(label){
            label.addClass('validate_right').text('OK!');
        },
        onkeyup: false,
        rules : {
            email : {
                required : true,
                email    : true
            }
        },
        messages : {
            email : {
                required : '您必须提供您的电子邮箱',
                email    : '这不是一个有效的电子邮箱'
            }
        }
    });
	
	$('#form2').validate({
        errorPlacement: function(error, element){
            var error_td = element.parent('label').parent('td').next('td');
            error_td.find('.field_notice').hide();
            error_td.append(error);
        },
        success : function(label){
            label.addClass('validate_right').text('OK!');
        },
        onkeyup: false,
        rules : {
            password : {
                required : true,
                minlength: 6
            },
            password_confirm : {
                required : true,
                equalTo  : '#password'
            }
        },
        messages : {
            password  : {
                required : '您必须提供一个密码',
                minlength: '密码长度应在6-20个字符之间'
            },
            password_confirm : {
                required : '您必须再次确认您的密码',
                equalTo  : '两次输入的密码不一致'
            }
        }
    });
});
</script>
<?php
include(TPLPATH."/inc/footer.tpl.php");
?>
